github/polaris
1
0
Fork 0
mirror of https://github.com/FairwindsOps/polaris.git synced 2026-05-07 17:57:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
755 Commits 28 Branches 117 Tags
rb/cos
Commit Graph

177 Commits

Author SHA1 Message Date
Jordan Doig
63fd576d3e Add support for arbitrary Kinds (#505) 
* Add basic flow

* Add arbitrary validator

* Pipe config through to resource provider

* Set arbitraries on resource provider

* Add arbitrary validation to fullaudit

* Add conf argument

* Fix resource setting from string

* PR updates

* Fix nil map error

* Delete lingering print, add pdb check, start implementing validator test

* move ingress to arbitrary

* fix compile

* refactor a bunch

* add tls tests

* tests passing

* resource provider helper

* refactor tests

* fix exemptions

* fix check test

* fix up resource creation from API

* fix init containers

* fix cronjob test

* fix pod tests

* combine controllers and-noncontrollers in resource provider

* delint

* add ingress backward compat

* fix tests

* reenable test

* rename a fn

* remove unused fn

* remove if

Co-authored-by: Robert Brennan <contact@rbren.io>
 2021-03-26 08:29:59 -04:00
Robert Brennan
1fed099b53 Pretty printer for audit (#512) 
* pretty output

* add colors

* better nocolor

* fix up main title

* delint

* remove double negative

* update docs
 2021-03-12 12:20:00 -05:00
Robert Brennan
768b715fdf fix npe (#511) 2021-03-08 08:34:31 -05:00
Robert Brennan
2064384985 fix status bar for ingress (#509) 2021-03-03 10:20:36 -05:00
Robert Brennan
b436699260 add a test (#506) 2021-02-26 16:29:25 -05:00
Jordan Doig
4c3d0e0603 Set full object ObjectMeta on new workload from Pod (#471) 
* Unmarshal OriginalObjectJSON into ObjectMeta

* Unmarshal to unst before converting too v1 Object

* Add passing annotated deployment webhook test case

* fix meta accessor

* fix tests

* remove logs

* fix tests

Co-authored-by: Robert Brennan <contact@rbren.io>
 2021-02-26 15:33:40 -05:00
MAKOSCAFEE
f42af35352 fix merge conflicts 2021-02-24 21:17:58 +03:00
Robert Brennan
c16aac808f fix checks for k8s defaults (#496) 
* fix insecure caps check

* add more tests

* fix privilege escalation allowed
 2021-02-11 17:11:16 -05:00
MAKOSCAFEE
0aa173789a refactor resultSet loop 2021-02-09 19:16:42 +03:00
MAKOSCAFEE
fe0060af77 added test for score 2021-01-29 22:13:01 +03:00
Jordan Doig
93a80e44d3 Manually set Ingress object Kind 2021-01-14 11:38:32 -07:00
Jordan Doig
bc866a4d18 Merge branch 'master' into jd/out-of-control 2021-01-14 11:20:35 -07:00
Robert Brennan
ec557f7ce8 Update dependencies (#470) 
* update to v20

* fix tests
 2021-01-08 14:01:01 -05:00
Jordan Doig
4cee8b7e35 Some nil pointer dereference fixes 2021-01-07 20:40:22 -07:00
Jordan Doig
3a8655de81 Update validate ingress test 2021-01-04 20:44:38 -07:00
Jordan Doig
3f62126bdd Refactor resolveCheck 2021-01-04 16:52:09 -07:00
Jordan Doig
ee8768591b Merge branch 'master' into jd/out-of-control 2021-01-04 16:14:33 -07:00
Robert Brennan
17d19cacff Fix up zero-score issues (#468) 
* return score of 100 when no checks specified

* fix up zero states in frontend

* rename variables
 2021-01-04 13:25:05 -05:00
Jordan Doig
5ab9f0b251 Add ingress tls check 2021-01-04 09:53:09 -07:00
Jordan Doig
fc368485ef Add ingress schema checks 2020-12-30 21:58:48 -07:00
Jordan Doig
9d68ee2359 Merge remote-tracking branch 'origin/master' into jd/out-of-control 2020-12-28 12:40:23 -07:00
skatika
f1957631b5 Remove unsued import 2020-12-22 14:30:09 -05:00
skatika
86b3ab5186 Revert nil slice declarations 2020-12-22 14:27:53 -05:00
skatika
564803c9f8 Fix instructions 2020-12-22 14:10:15 -05:00
skatika
a4e45a0e95 Merge branch 'master' of github.com:FairwindsOps/polaris into ssk/container-exemptions 
# Conflicts:
#	README.md
#	pkg/validator/controller_test.go
#	pkg/validator/fullaudit_test.go
 2020-12-18 09:57:35 -05:00
skatika
dd2976794a Implement namespace and container exemptions. Also refactoring according to gofmt 2020-12-18 09:50:04 -05:00
Robert Brennan
7c98598858 Fix test fixtures, add a test for controllers (#455) 
* first pass at fixing test fixtures

* tests mostly working

* add controller test

* remove debug stuff

* delint

* revert test file

* remove extra controllers from fixtures

* delint

* fix messages
 2020-12-17 17:32:01 -05:00
skatika
fdd30717e5 Remove unused parameter 2020-12-17 09:54:29 -05:00
skatika
e57668fc75 Fix typos 2020-12-16 17:17:43 -05:00
Jordan Doig
550447234a ControllerResult to Result 2020-12-16 13:32:08 -07:00
jordandoig
717d9b2630 PodResult to pointer 2020-12-16 12:11:19 -07:00
baderbuddy
b3f1b3b478 Recategorize the results into standard categories. (#434) 
* Initial checkin for recategorizing checks

* Fix tests

* Fix tests

* Update example output
 2020-11-04 10:17:37 -05:00
Markus Blaschke
5bce1db05e Implement namespace support for exceptions (#421) 
* Implement namespace support for exceptions

Signed-off-by: Markus Blaschke <mblaschke82@gmail.com>

* remove debug

Signed-off-by: Markus Blaschke <mblaschke82@gmail.com>

* Add documentation

Signed-off-by: Markus Blaschke <mblaschke82@gmail.com>

Co-authored-by: baderbuddy <bader@fairwinds.com>
 2020-10-19 08:45:45 -04:00
baderbuddy
7c9f01639b Update dependencies (#400) 
* Start working on updating dependencies:

* Fix webhook

* Rollback jsonschema update

* Checkin new config

* Fix run as root

* Update versions of kind

* Fix typo in kind URL

* Fix kind config

* Add csr permissions

* Fix weird image thing

* Fixed certificates

* Add to logging

* Approve cert manually

* Fix approval

* Add cert script

* Fix deployment

* Add requests/limits

* Wait if certificate doesn't exist yet

* Add check for file size

* Add variable

* Try a different imagE

* Fix command

* Update certificate logic

* Add healthz

* Don't check cert size

* Remove stat

* Fix vet

* Put in change that makes no sense

* Fix cert names

* Roll back

* Try changing config

* Add logging for each request

* Cleanup code some

* Remove bad deployments

* Fix client injection

* Update timeout

* Add logging

* Fixed e2e webhook tests

* Add permissions for approval

* Fix permissions for CSR

* Remove logging code

* Remove refresh certs file

* Fix merge issues

* Update deployments

* Try beta of admission controller config

* Target 1.15 for testing

* Add beta versions of resourceS

* Lower webhook timeout

* Refactor out a method

* Fix up PR issues

* Fix more tabs

* Remove unnecessary messageS

* Fix go.sum

* Fix go.sum
 2020-09-11 08:53:14 -04:00
Robert Brennan
b4e3d40f4b Add priority class check, some test infra (#342) 
* add check for priority-class

* add test message

* lint
 2020-06-22 16:34:48 -04:00
Robert Brennan
2ac6a2b540 Change error to danger (#299) 
* rename 'error' to 'danger'

* update dashboard

* fix docs

* update deploy configs
 2020-05-19 08:41:07 -04:00
Robert Brennan
ac9412920f sort results on dashboard (#295) 
This reverts commit 0c671d0f62.
 2020-05-18 15:01:12 -04:00
baderbuddy
d50d9c81f8 Add the capability for controller level checks (#285) 
* Add controller level checks

* Add check for multipleReplicas

* Fixed spec

* Add controller level check

* Move controller schema checks to their own function.
 2020-05-18 14:57:35 -04:00
Robert Brennan
0c671d0f62 Revert "sort results on dashboard" 
This reverts commit e9064dfddc.
 2020-05-18 17:21:22 +00:00
Robert Brennan
e9064dfddc sort results on dashboard 2020-05-18 17:18:23 +00:00
baderbuddy
69621f7034 Improve performance (#278) 
* rename root fs check

* speed up docker build

* refactor webhook to be more generic

* delete controllers pkg

* revert deploy

* fix example config

* remove controllersToScan config

* fix lint error

* fix webhook name

* FileSystem -> Filesystem

* update deps

* skip node owners

* clean up meta tracking

* Cache results of dynamic queries

* Dynamically pick types to list.

* Fix unit tests

* Fix the other tests I missed

* Fix container test

* Fix issues from PR feedback

Co-authored-by: Robert Brennan <bobby.brennan@gmail.com>
Co-authored-by: Robert Brennan <accounts@rbren.io>
 2020-05-01 13:29:29 -04:00
Robert Brennan
6792fba91f Delete controllers package (#270) 
* rename root fs check

* speed up docker build

* refactor webhook to be more generic

* delete controllers pkg

* revert deploy

* fix example config

* remove controllersToScan config

* fix lint error

* fix webhook name

* FileSystem -> Filesystem

* update deps

* skip node owners

* clean up meta tracking

Co-authored-by: Robert Brennan <bobby.brennan@gmail.com>
 2020-04-27 10:43:02 -04:00
Bader Boland
3c46f405a9 Cleanup SupportedControllers 2020-03-25 16:50:12 -04:00
Bader Boland
a5828a2d3b Fix tests 2020-03-25 14:23:18 -04:00
Bader Boland
5769acf820 deduplicate results right away 2020-03-25 13:25:26 -04:00
Bader Boland
68fe23018a Feedback from PR 2020-03-23 09:27:36 -04:00
Bader Boland
fb0d7c5d82 Add additional logging 2020-03-17 16:19:58 -04:00
Bader Boland
8c769e445c Cut out duplicitive code. 2020-03-17 13:23:58 -04:00
Bader Boland
7fdebfc4db Fix tests 2020-03-17 09:19:33 -04:00
Bader Boland
bb34be7e02 Dynamically retrieve parents 2020-03-16 16:41:16 -04:00